CVE-2010-2520
Debian Linux Security Advisory 2070-1
Descriptions
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Multiple integer underflows/overflows and heap buffer overflows were discovered and fixed. A heap buffer overflow was discovered in the bytecode support. The bytecode support is NOT enabled by default in Mandriva due to previous patent claims, but packages by PLF are affected. The updated packages have been patched to correct these issues.
Timeline
- 2010-06-30 CVE Reserved
- 2010-07-15 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2025-03-30 EPSS Updated
CWE
- CWE-787: Out-of-bounds Write
References (12)
URL | Tag | Date |
---|---|---|
http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List | |
http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List | |
http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List | |
http://secunia.com/advisories/48951 | Third Party Advisory | |
http://support.apple.com/kb/HT4435 | Broken Link | |
https://savannah.nongnu.org/bugs/?30361 | | 2024-08-07 |
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b | | 2021-03-23 |
https://bugzilla.redhat.com/show_bug.cgi?id=613198 | | 2021-03-23 |
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | | 2021-03-23 |
http://www.debian.org/security/2010/dsa-2070 | | 2021-03-23 |
http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | | 2021-03-23 |
http://www.ubuntu.com/usn/USN-963-1 | | 2021-03-23 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Freetype | Freetype | < 2.4.0 | - | Affected |
Canonical | Ubuntu Linux | 6.06 | - | Affected |
Canonical | Ubuntu Linux | 8.04 | - | Affected |
Canonical | Ubuntu Linux | 9.04 | - | Affected |
Canonical | Ubuntu Linux | 9.10 | - | Affected |
Canonical | Ubuntu Linux | 10.04 | - | Affected |
Apple | Mac Os X | < 10.6.5 | - | Affected |
Debian | Debian Linux | 5.0 | - | Affected |